On Jan 13, 2009, at 9:02 AM, SM wrote:
Hi Doug,
At 18:53 12-01-2009, Doug Otis wrote:
(see section 3.4.1 of [MAIL]) of an address, the pvalue reported
along with results for these mechanisms SHOULD NOT include the
local- part.
SHOULD NOT is not an recommendation to do something.
Doug Otis wrote:
[SPF/Sender ID debate omitted]
The draft points out in its Security Considerations (section 7.7) that issues
which may exist in the message evaluation methods it covers apply here as
well, and admonishes implementors to be aware of them. The context of
this draft is not the
[Apologies for the double-send; the headers got munged by my editor. -MSK]
Doug Otis wrote:
[SPF/Sender ID debate omitted]
The draft points out in its Security Considerations (section 7.7) that issues
which may exist in the message evaluation methods it covers apply here as
well, and admonishes
Murray S. Kucherawy wrote:
Doug Otis wrote:
[SPF/Sender ID debate omitted]
The draft points out in its Security Considerations (section 7.7) that issues
which may exist in the message evaluation methods it covers apply here as
well, and admonishes implementors to be aware of them. The
Hi Doug,
At 18:53 12-01-2009, Doug Otis wrote:
(see section 3.4.1 of [MAIL]) of an address, the pvalue reported
along with results for these mechanisms SHOULD NOT include the local- part.
SHOULD NOT is not an recommendation to do something.
Are you recommending coercion to resolve conflicts?
On Jan 12, 2009, at 6:53 PM, Murray S. Kucherawy wrote:
[Apologies for the double-send; the headers got munged by my editor.
-MSK]
Doug Otis wrote:
[...] while omitting the IP address of the SMTP client. This
prevents compliance with section 4.1 reputation check of an
authenticated
On Jan 10, 2009, at 12:31 AM, SM wrote:
At 15:44 09-01-2009, Douglas Otis wrote:
[...]
This leaves the issue of authentication itself clearly in the rough.
Section 1.5.2 of the draft explains why Sender-ID and SFP is
supported by this header field. In a nutshell, it's about using a
Douglas Otis wrote:
On Jan 9, 2009, at 12:48 PM, Lisa Dusseault wrote:
Hi Doug,
Does anybody support your review of sender-auth-header, to the point
of believing that the document should not be published? So far you
are still very much in the rough part of rough consensus.
thanks,
Lisa
At 15:44 09-01-2009, Douglas Otis wrote:
It states that only _authenticated_ information should be included
within the Authentication-Results header for either Sender-ID or
SPF. At the same time, the draft defines Sender-ID and SPF as being
an authorization method and _not_ the authentication
On Jan 9, 2009, at 12:48 PM, Lisa Dusseault wrote:
Hi Doug,
Does anybody support your review of sender-auth-header, to the point
of believing that the document should not be published? So far you
are still very much in the rough part of rough consensus.
thanks,
Lisa
On Wed, Jan 7,
10 matches
Mail list logo
